Hacker News: rudolf0

New comment by rudolf0 in "US spies still haven't told Congress the number of Americans caught in dragnet"

rudolf0 — Fri, 10 Mar 2017 22:33:53 +0000

I'm sure it is, but the issue is more complex than that.

How much data is stored on each person? How many hoops does an individual analyst have to jump through, if any, to access that information for an individual? Is it stored in an encrypted or anonymized way so that an analyst can't access the details without approval from management? Are there jobs constantly scanning this dataset and alerting on suspicious patterns, and if so, what is the average false positive rate and does an alert give carte blanche to read all of the data collected about that individual and their connections and connections-to-connections?

I doubt Congress will ever get clear or entirely truthful answers to those questions, let alone the general public.

New comment by rudolf0 in "After CIA leak, Intel Security releases detection tool for EFI rootkits"

rudolf0 — Fri, 10 Mar 2017 22:04:39 +0000

>Why bother with employees - just go give money to intel to do this.

Risk of refusal. Risk of intentional or unintentional leaks.

New comment by rudolf0 in "CIA trying to inject into Little Snitch"

rudolf0 — Tue, 07 Mar 2017 19:57:55 +0000

That's not what he was saying. Yes, it would of course be a good idea to try to hide the malware implants from tools like Little Snitch. It's just that the method they propose of going about it is really dumb.

What tptacek is saying is that instead of writing some hand-tailored userspace code to specifically fool Little Snitch, they should just be using a kernel module that will hide the network and process activity from all analysis tools. That's what most nation-state malware does (or tries to do).

New comment by rudolf0 in "Slack is Down"

rudolf0 — Tue, 07 Mar 2017 19:47:43 +0000

>The status.slack.com was also overloaded during this time and it may have been inaccessible.

This is starting to become a common theme...

New comment by rudolf0 in "Prenda Saga Update: John Steele Pleads Guilty, Admits Entire Scheme"

rudolf0 — Tue, 07 Mar 2017 19:33:33 +0000

Eh, years in a federal jail cell seems like it's not worth even $1 billion to me. And they made a lot less than that.

New comment by rudolf0 in "Programmers are confessing their sins to protest a broken job interview process"

rudolf0 — Tue, 28 Feb 2017 22:27:08 +0000

https://www.linkedin.com/pulse/software-engineer-detained-se...

New comment by rudolf0 in "I am an Uber survivor"

rudolf0 — Mon, 27 Feb 2017 22:23:19 +0000

I don't think it's flag-worthy because it absolutely could be true. It's not like anything here is that difficult to believe given previous insider reports from Uber. None of the claims here are that absurd.

But, yes, it could easily be an anonymous troll. It needs verification.

New comment by rudolf0 in "I Wrote My Fastest Hashtable"

rudolf0 — Mon, 27 Feb 2017 20:02:25 +0000

Their non-mobile quality seems to be pretty high as far as I can tell, but, yeah, I feel like he'd have to agree their iOS app is the definition of clowntown.

New comment by rudolf0 in "I wrote a program that emails me when one of my friends orders Domino's"

rudolf0 — Mon, 27 Feb 2017 19:31:49 +0000

Should be pretty easy to fix. Just HMAC (or just concatenate pepper and hash, honestly) the phone number and use that as the identifier.

New comment by rudolf0 in "List of Sites Affected by Cloudflare's HTTPS Traffic Leak"

rudolf0 — Fri, 24 Feb 2017 21:35:58 +0000

As far as I can tell he's basically 2nd-in-command.

New comment by rudolf0 in "A textbook case in workplace discrimination"

rudolf0 — Fri, 24 Feb 2017 21:30:51 +0000

>Instead he replied that if Uber paid a little more for the women’s jackets, they would have been beneficiaries of special privilege. This is standard bigot’s code for denying people protection from discrimination because of their gender, race, religion, or sexual preference.

I think the jacket issue has Uber clearly in the wrong, but it's a huge stretch to claim that opposition to giving a minority group special privileges is always "standard bigot's code".

New comment by rudolf0 in "How a Mistake Gave Us the Word 'Cherry'"

rudolf0 — Fri, 24 Feb 2017 21:28:08 +0000

Now I'd like to know how the French word for "shampoo" (the noun) came to be "le shampooing".

New comment by rudolf0 in "Kim Jong-Nam Was Killed by VX Nerve Agent, Malaysians Say"

rudolf0 — Fri, 24 Feb 2017 16:33:46 +0000

True, but I feel like if they wanted to ensure their death, they could've just wiped them with the same rag after Kim was confirmed to be exposed. It seems they just let them go, so I guess they didn't care either one way or the other about their survival?

New comment by rudolf0 in "The Holocaust’s Great Escape"

rudolf0 — Wed, 22 Feb 2017 19:01:14 +0000

And were any of these actually in positions of power to know definitively whether or not extermination programs existed (including ones not at their local camp)?

Also, how about Einsatzgruppen? Are there witnesses claiming they didn't exist either?

edit: Also, what's your response to the Wannsee notes and Posen speeches? Even if hypothetically the gas chambers never did exist, there's clear evidence they very strongly intended to kill all European Jews. Clear intent + 6 million Jews missing + a whole lot of mass graves seems like a pretty cut and dry case, even if you have to resort to saying they were all starved/worked to death and shot instead of gassed.

New comment by rudolf0 in "How Peter Thiel’s Palantir helped expand the NSA’s global spy network"

rudolf0 — Wed, 22 Feb 2017 15:20:14 +0000

Trump is a lot of things, but he isn't really anti-LGBT.

New comment by rudolf0 in "The Pleasures and Pains of Coffee (1830)"

rudolf0 — Wed, 15 Feb 2017 17:17:08 +0000

This is a translation of the original French. The translation was done within the past 50 years, I think.

New comment by rudolf0 in "Someone Created a Startup Just like Mine and Here Is Why That Is Awesome"

rudolf0 — Wed, 15 Feb 2017 16:01:02 +0000

That's true, the MTurk questions he asked are very similar.

It could maybe be coincidental, since that's basically the default things you'd ask someone when trying to understand pain points and product ideas, but I do see your point since it seems like it's the same 4 questions.

New comment by rudolf0 in "Someone Created a Startup Just like Mine and Here Is Why That Is Awesome"

rudolf0 — Wed, 15 Feb 2017 15:52:11 +0000

"Stole" seems like a big stretch. It seems just as likely he's had this idea for a while, and registered just to check out his soon-to-be competition.

New comment by rudolf0 in "Finding Ticketbleed"

rudolf0 — Thu, 09 Feb 2017 15:40:24 +0000

It's straightforward, it's not trying to shill Cloudflare products too much, it's not self-congratulatory, and it's told from the chronological first-person perspective of an engineer trying to debug a protocol issue and accidentally uncovering a critical vuln.

Basically, it wasn't written by a marketing department like most of these other company-found vuln disclosures.

New comment by rudolf0 in "Search at Slack"

rudolf0 — Wed, 08 Feb 2017 20:52:06 +0000

They're marketed towards casual users but Discord is probably the best chat and collaboration software I've used so far. I definitely prefer it to Slack for professional-type stuff.

You can use Discord any want you want. If you join some popular Discord server, odds are it'll be full of spam and Internet humor, but obviously you can do whatever like on your own server(s).